<?php
namespace App\Http\Middleware;

use Closure;

class Cors
{
    /**
     * 跨域处理
     */
    public function handle($request, Closure $next)
    {
//        $response = $next($request);
//        $response->header('Access-Control-Allow-Origin', '*');
//        $response->header('Access-Control-Allow-Headers', 'Origin, Content-Type, Cookie, Accept, multipart/form-data, application/json');
//        $response->header('Access-Control-Allow-Methods', 'GET, POST, PATCH, PUT, OPTIONS');
//        $response->header('Access-Control-Allow-Credentials', 'false');
//        return $response;
       // exit('sssssssss');
      //  header("Access-Control-Allow-Origin: *");

         $orign = 'http://bd.www.fuzhuangchangongxiao.cn';
        if (isset($_SERVER['HTTP_ORIGIN'])) {
            $orign = $_SERVER['HTTP_ORIGIN'];
        }


        $headers = [
            'Access-Control-Allow-Methods'=> 'POST, GET, OPTIONS, PUT, DELETE',
            'Access-Control-Allow-Headers'=> 'Content-Type, X-Auth-Token, Origin',
            'Access-Control-Allow-Origin'=> $orign,///实现跨域
            'Access-Control-Allow-Credentials'=> 'true',///实现跨域
        ];
        $response = $next($request);
        foreach($headers as $key => $value)
            $response->header($key, $value);
        return $response;
    }
}